SecurityLabs/MetalWorker.Cryptography/BlockRSA.cs at master · dragongling/SecurityLabs · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
using System;
using System.Collections.Generic;
using System.Numerics;
using System.Security.Cryptography;

namespace MetalWorker.Cryptography
{
    /// <summary>
    /// Block RSA cryptosystem implementation
    /// </summary>
    public static class BlockRSA
    {
        public static KeyData<BigInteger> GenerateKeys(uint bytesCount)
        {
            Random rng = new Random();
            RNGCryptoServiceProvider cryptoRNG = new RNGCryptoServiceProvider();
            BigInteger p = Primes.GetRandom(cryptoRNG, bytesCount),
                q = Primes.GetRandom(cryptoRNG, bytesCount);

            var N = p * q;
            BigInteger phi = (p - 1) * (q - 1);

            return FindED_RandomE(N, phi);
        }

        public static byte[] Encrypt(byte[] msg, Key<BigInteger> encKey)
        {

            List<byte> result = new List<byte>();
            int cipherBlockSize = encKey.N.ToByteArray().Length;

            /* Oops, we accidentally implemented block RSA (>_<)
             * In original RSA message size should be < N size:
             * https://stackoverflow.com/questions/5866129/rsa-encryption-problem-size-of-payload-data */
            int msgBlockSize = cipherBlockSize - 1;
            msg = CompleteToFullBlocks(msg, msgBlockSize);

            for (int i = 0; i < msg.Length; i += msgBlockSize)
            {
                byte[] block = new byte[msgBlockSize];
                Array.Copy(msg, i, block, 0, msgBlockSize);
                BigInteger value = new BigInteger(block);

                byte[] r = new byte[cipherBlockSize]; //For alignment
                var s = BigInteger.ModPow(value, encKey.ED, encKey.N).ToByteArray();
                Array.Copy(s, r, s.Length); //For alignment

                result.AddRange(r);
            }
            return result.ToArray();
        }

        public static byte[] Decrypt(byte[] cipher, Key<BigInteger> decKey)
        {
            List<byte> result = new List<byte>();
            int blockSize = decKey.N.ToByteArray().Length;

            for (int i = 0; i < cipher.Length; i += blockSize)
            {
                byte[] block = new byte[blockSize];
                Array.Copy(cipher, i, block, 0, blockSize);
                BigInteger value = new BigInteger(block);

                result.AddRange(BigInteger.ModPow(value, decKey.ED, decKey.N).ToByteArray());
            }
            return result.ToArray();
        }

        private static byte[] CompleteToFullBlocks(byte[] arr, int blockSize)
        {
            int diff = arr.Length % blockSize;
            if (diff != 0)
            {
                byte[] temp = new byte[arr.Length + (blockSize - diff)];
                Array.Copy(arr, temp, arr.Length);
                arr = temp;
            }
            return arr;
        }

        static KeyData<BigInteger> FindED_RandomE(BigInteger N, BigInteger phi)
        {
            RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider();
            KeyData<BigInteger> keyData = new KeyData<BigInteger> { N = N };
            do
            {
                keyData.E = Primes.GetRandom(rng, (uint)phi.ToByteArray().Length, phi);
                if (phi % keyData.E == 0)
                    continue;
                keyData.D = ExtendedEuclide(keyData.E % phi, phi).u1;
            } while (keyData.D < 0);
            return keyData;
        }

        private static ExtendedEuclideanResult<BigInteger> ExtendedEuclide(BigInteger a, BigInteger b)
        {
            BigInteger u1 = BigInteger.One;
            BigInteger u3 = a;
            BigInteger v1 = BigInteger.Zero;
            BigInteger v3 = b;

            while (v3 > 0)
            {
                BigInteger q0 = u3 / v3;
                BigInteger q1 = u3 % v3;

                BigInteger tmp = v1 * q0;
                BigInteger tn = u1 - tmp;
                u1 = v1;
                v1 = tn;

                u3 = v3;
                v3 = q1;
            }

            BigInteger tmp2 = u1 * (a);
            tmp2 = u3 - (tmp2);
            BigInteger res = tmp2 / (b);

            ExtendedEuclideanResult<BigInteger> result = new ExtendedEuclideanResult<BigInteger>()
            {
                u1 = u1,
                u2 = res,
                gcd = u3
            };

            return result;
        }

        /// <summary>
        /// Contains all key-related data (including private)
        /// </summary>
        public struct KeyData<IntegerType>
        {
            public IntegerType N, E, D;

            public KeyData(IntegerType N, IntegerType E, IntegerType D)
            {
                this.N = N;
                this.E = E;
                this.D = D;
            }

            public Key<IntegerType> GetOpenKey()
            {
                return new Key<IntegerType>(N, E);
            }

            public Key<IntegerType> GetPrivateKey()
            {
                return new Key<IntegerType>(N, D);
            }
        }

        /// <summary>
        /// Single open or private key
        /// </summary>
        public struct Key<IntegerType>
        {
            public IntegerType N, ED;

            public Key(IntegerType N, IntegerType ED)
            {
                this.N = N;
                this.ED = ED;
            }
        }

        private struct ExtendedEuclideanResult<IntType>
        {
            public IntType u1;
            public IntType u2;
            public IntType gcd;
        }
    }
}